Daily Security News - 2020.11.19

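Disclaimer: All content in this article is for study and research purposes only and must not violate the requirements of the Cybersecurity Law, the Criminal Law, and other relevant legislation; in particular, it is forbidden to disseminate it or use it for malicious purposes. By viewing this article you are deemed to accept the above terms; otherwise you bear the responsibility yourself.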

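Today's highlights: the 4SHMiner mining trojan has already compromised 15,000 servers; an authorization bypass vulnerability in JamoDat and a buffer overflow in IBM Tivoli Storage Manager; analysis of the Qishi CMS (骑士 CMS) remote command execution; fuzzing hypervisor binaries using only full system snapshots; and more.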

[Malware Section]
1. TA505: A Brief History Of Their Time

2. Back from vacation: Analyzing Emotet’s activity in 2020

3. Analysis of the Operation Book Codes from KrCERT/CC
https://www.boho.or.kr/krcert/publicationView.do?bulletin_writing_sequence=35799

4. Discovery and analysis of a QuasarRAT exploitation campaign
https://www.anquanke.com/post/id/222801

5. Analysis of GravityRAT's spying behavior targeting Android devices
https://www.anquanke.com/post/id/222330

6. sshd backdoor analysis and group classification report

7. 4SHMiner mining trojan: 15,000 servers already compromised

[Vulnerability Analysis Section]
8. Authorization Bypass vulnerability in JamoDat – TSMManager Collector <= 6.5.0.21 & Buffer Overflow in IBM Tivoli Storage Manager <= 5.2.0.1
https://voidsec.com/tivoli-madness/

9. Vulnerabilities in TP-Link’s TL-WPA4220

10. Post-Auth RCE and Persistence on UOKOO Security Cameras

11. CVE-2020-17053: Use-After-Free IE Vulnerability

12. P for Privacy – The Background Story of iOS 13.7 (CVE-2020-9773)

13. Analysis of the Qishi CMS (骑士 CMS) remote command execution
https://xz.aliyun.com/t/8520

[Technical Sharing Section]
14. Fuzzing Hypervisors Binary only using full system snapshots

15. 2FA Bypass On Instagram Through A Vulnerable Endpoint

16. Active-Directory-Exploitation-Cheat-Sheet: A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

17. SOPHOS 2021 THREAT REPORT
https://www.sophos.com/en-us/medialibrary/pdfs/technical-papers/sophos-2021-threat-report.pdf

#Tool# webscan is a browser-based network IP scanner and local IP detector.

#Tool# OpenEDR - Open EDR Public Repository

#Tool# MachoDecrypt will decrypt mach-o binaries on iOS.